IT SECURITY GOVERNANCE ANALYST

Business Area: Connected Technology

Job Purpose/Mission/Summary

IT Security Governance is responsible for assessing the information security risks in Lexmark’s environments, developing policy and system hardening standards to address the security risks and working with IT and all Lexmark business units on complying with the policies through awareness and engagement.  This role is responsible for supporting the third-party risk management process, customer audit and evaluation requests and supporting our overall compliance requirements.   

Key Roles and Responsibilities:

  • Manage the semi-annual access certification process.
  • Support the third-party risk management program through vendor response evaluations.
  • Support of the response process for customer security requests and customer security audits.
  • Analyze policy exceptions and permitted software for security risk.
  • Support various on-going compliance activities and evaluate the impact on changing regulations, including ISO 27001, ISO 20243, SOC2, FedRamp, CMMC, etc.
  • Ownership of the maintenance of Lexmark’s compliance documentation and security policies.
  • Work with Lexmark business units to implement, communicate and evangelize security policy and procedures.
  • Works independently on assigned tasks and projects with minimal management oversight and guidance.
  • Communicates and interacts with personnel and management at various levels across the organization and in other geographies.
  • Communicates results and project status effectively to management.
  • Executes special projects as assigned.

Competencies, Skills, Knowledge and Abilities:

  • Knowledge of IT Security Frameworks, such as NIST Cybersecurity Framework, CIS 18 and ISO 27001, best-practices and principles.
  • IT background and knowledge of IT business systems.
  • Experience conducting compliance or audit assessments.
  • Ability to work on own initiative with minimal supervision. 
  • Strong analytical and data analysis skills.
  • Executive presence, and strong communication, presentation and interpersonal skills. 
  • Ability to get to the heart of the problem and make sound and timely decisions to resolve problems.
  • Ability to work across different departments and communicate with end users.
  • Appropriately use and protect sensitive and confidential information acquired in the course of the job.
  • Ability to learn new concepts and information on a frequent basis.
  • Excellent organizational, documentation and project management skills with an attention to detail.
  • Proven ability to manage multiple priorities.
  • Knowledge of SailPoint, OneTrust or PowerBI tool is a plus.

Education and Experience:

  •  Required:
    • 3-5 years of experience in IT Security, Governance or audit role
    • Bachelor’s degree in business, IT, MIS, computer science or similar technical field
  • Preferred:
    • 6-10 years of relevant experience
    • CISSP, CISA, CISM or similar professional certification

You may send your application to recruitment@lexmark.com.